From ee84d0f512826fb35bf663665f0d7d284fd9b7e0 Mon Sep 17 00:00:00 2001 From: security tracker role Date: Fri, 8 Nov 2019 08:10:18 +0000 Subject: automatic update --- data/CVE/2010.list | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) (limited to 'data/CVE/2010.list') diff --git a/data/CVE/2010.list b/data/CVE/2010.list index 775bd71a59..1aa3d10daa 100644 --- a/data/CVE/2010.list +++ b/data/CVE/2010.list @@ -7336,8 +7336,7 @@ CVE-2010-2474 (JBoss Enterprise Service Bus (ESB) before 4.7 CP02 in JBoss Enter - jbossas4 (Only builds a few libraries, not the full application server, #581226) CVE-2010-2470 (Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6.1 and 3.7 through ...) - bugzilla (Only affects 3.5 to 3.7) -CVE-2010-2476 [syscp open_basedir bypassing] - RESERVED +CVE-2010-2476 (syscp 1.4.2.1 allows attackers to add arbitrary paths via the document ...) - syscp (bug #587481) CVE-2010-2469 (The Linear eMerge 50 and 5000 uses a default password of eMerge for th ...) NOT-FOR-US: Linear eMerge @@ -9593,8 +9592,7 @@ CVE-2010-1560 (Buffer overflow in the REPEAT function in IBM DB2 9.1 before FP9 NOT-FOR-US: IBM DB2 CVE-2010-1559 (SQL injection vulnerability in the SermonSpeaker (com_sermonspeaker) c ...) NOT-FOR-US: com_sermonspeaker component for joomla! -CVE-2010-2447 [gitolite "not filtering src/ or hooks/ from pathnames"] - RESERVED +CVE-2010-2447 (gitolite before 1.4.1 does not filter src/ or hooks/ from path names. ...) - gitolite 1.4.2-1 (low) NOTE: http://secunia.com/advisories/39587/ CVE-2010-2448 (znc.cpp in ZNC before 0.092 allows remote authenticated users to cause ...) @@ -10201,8 +10199,7 @@ CVE-2010-1373 (Cross-site scripting (XSS) vulnerability in Help Viewer in Apple CVE-2010-1423 (Argument injection vulnerability in the URI handler in (a) Java NPAPI ...) - sun-java6 6.20-1 (high) [lenny] - sun-java6 6-20-0lenny1 -CVE-2010-2449 [gource: predictable log file located in /tmp] - RESERVED +CVE-2010-2449 (Gource through 0.26 logs to a predictable file name (/tmp/gource-$UID. ...) - gource 0.26-2 (low; bug #577958) CVE-2010-1564 REJECTED @@ -11585,8 +11582,7 @@ CVE-2010-XXXX [esmtp: world-readable config file] NOTE: Documentation advises against adding password data to the respective config file CVE-2010-XXXX [irssi emote leak] - irssi-plugin-otr 1.0.0~alpha2-1 (unimportant; bug #569506) -CVE-2010-2450 [shibboleth-sp2: world-readable key] - RESERVED +CVE-2010-2450 (The keygen.sh script in Shibboleth SP 2.0 (located in /usr/local/etc/s ...) - shibboleth-sp2 2.3.1+dfsg-2 (low; bug #571631) [lenny] - shibboleth-sp2 (Minor issue) - shibboleth-sp (Vulnerable code not present) -- cgit v1.2.3